from bubblebox import *
bubblebox(
- profiles.DEFAULT,
- profiles.DESKTOP,
+ profiles.DESKTOP("gamejail"),
dbus_proxy_flags("--own=com.steampowered.*"),
home_access({
- `profiles.DEFAULT` adds the basic flags to isolate the sandbox from the environment
by unsharing all namespaces except for the network.
This profile gives access to `/usr`, `/sys`, and `/etc` and also creates a
- stub file system inside the sandbox that is basically always required. It
- assumes a merged-usr setup, e.g. it will add `/bin` as a symlink to
- `/usr/bin`. It also gives read-only access to some files in the home directory
- that are often needed to make a basic shell work: `.bashrc`, `.bash_aliases`,
- `.profile` and the `bin` directory.
-- `profiles.DESKTOP` is intended to make GUI applications work. It provides
- access to DRI, X11, ALSA, Wayland, and PulseAudio. Furthermore, some GUI
- configuration files (`.XCompose`, fontconfig, and default mime-type
- associations) are made available to the sandbox. This also sets up the D-Bus
- proxy and gives the application access to notifications, screen saver control,
- status icons, and the flatpak portals (however, actually using these portals
- is untested and would likely require further integration). Finally, it makes
+ stub file system inside the sandbox that is basically always required, such as
+ an empty folder to serve as XDG_RUNTIME_DIR. It assumes a merged-usr setup,
+ e.g. it will add `/bin` as a symlink to `/usr/bin`. It also gives read-only
+ access to some files in the home directory that are often needed to make a
+ basic shell work: `.bashrc`, `.bash_aliases`, `.profile` and the `bin`
+ directory.
+- `profiles.DESKTOP("name")` is intended to make GUI applications work. It
+ extends `DEFAULT` by providing access to DRI, X11, ALSA, Wayland, and
+ PulseAudio. Furthermore, some GUI configuration files (`.XCompose`,
+ fontconfig, and default mime-type associations) are made available to the
+ sandbox. The `name` is used to create an XDG_RUNTIME_DIR that will be shared
+ among all instances of this sandbox. This also sets up the D-Bus proxy and
+ gives the application access to notifications, screen saver control, status
+ icons, and the flatpak portals (however, actually using these portals is
+ untested and would likely require further integration). Finally, it makes
clicking on links inside the sandbox work properly if your default browser is
Firefox.
- `bwrap_flags` allows passing flags directly to `bwrap`. This is rarely needed.
- `dbus_proxy_flags` allows passing flags directly to `xdg-dbus-proxy`.
This is the typical way to provide access to given D-Bus names.
-- `shared_runtime_dir("name")` ensures that all instances of the sandbox with this
- name have a shared XDG_RUNTIME_DIR. This is needed e.g. for VSCodium instances
- to find each other. This must be declared *before* `profiles.DESKTOP`.
## Source, License
# https://github.com/igo95862/bubblejail is a good source of paths that need allowing.
# We do not give access to pipewire, that needs a portal (https://docs.pipewire.org/page_portal.html).
-DESKTOP = collect_flags(
- # Access to screen and audio
- host_access({
- "dev": {
- ("dri", "snd"): Access.Device,
- },
- "/tmp/.X11-unix/": Access.Read,
- os.environ["XAUTHORITY"]: Access.Read,
- XDG_RUNTIME_DIR: {
- ("wayland*", "pulse"): Access.Read,
- },
- }),
- # Access to some key user configuration
- home_access({
- (".config/fontconfig", ".XCompose", ".local/share/applications"): Access.Read,
- }),
- # Access to basic d-bus services (that are hopefully safe to expose...)
- dbus_proxy_flags("--talk=org.kde.StatusNotifierWatcher.*", "--talk=org.freedesktop.Notifications.*", "--talk=org.freedesktop.ScreenSaver.*", "--talk=org.freedesktop.portal.*"),
- # Make it possible to open websites in Firefox
- home_access({ ".mozilla/firefox/profiles.ini": Access.Read }),
- dbus_proxy_flags("--talk=org.mozilla.firefox.*"),
-)
+def DESKTOP(name):
+ return collect_flags(
+ DEFAULT,
+ # Share XDG_RUNTIME_DIR among all instances of this sandbox
+ shared_runtime_dir(name),
+ # Access to screen and audio
+ host_access({
+ "dev": {
+ ("dri", "snd"): Access.Device,
+ },
+ "/tmp/.X11-unix/": Access.Read,
+ os.environ["XAUTHORITY"]: Access.Read,
+ XDG_RUNTIME_DIR: {
+ ("wayland*", "pulse"): Access.Read,
+ },
+ }),
+ # Access to some key user configuration
+ home_access({
+ (".config/fontconfig", ".XCompose", ".local/share/applications"): Access.Read,
+ }),
+ # Access to basic d-bus services (that are hopefully safe to expose...)
+ dbus_proxy_flags("--talk=org.kde.StatusNotifierWatcher.*", "--talk=org.freedesktop.Notifications.*", "--talk=org.freedesktop.ScreenSaver.*", "--talk=org.freedesktop.portal.*"),
+ # Make it possible to open websites in Firefox
+ home_access({ ".mozilla/firefox/profiles.ini": Access.Read }),
+ dbus_proxy_flags("--talk=org.mozilla.firefox.*"),
+ )
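Review bot: The new `DESKTOP(name)` has no docstring, and nothing at this call site states what `name` may contain even though it is handed straight to `shared_runtime_dir(name)`, which the README in this same commit describes as creating an XDG_RUNTIME_DIR shared by all instances. Suggest adding `"""Flags for GUI applications; extends DEFAULT. *name* selects the XDG_RUNTIME_DIR shared by all instances of this sandbox."""` directly under the `def` line. If `shared_runtime_dir` derives a filesystem path from `name` without checking it (its implementation is not visible here), a guard such as `if not name or "/" in name or name in (".", ".."): raise ValueError("invalid sandbox name")` would keep a misconfigured profile from pointing the shared runtime dir outside its intended parent. Separately, `os.environ["XAUTHORITY"]` now raises `KeyError` on every call when the variable is unset (previously once, at import), so a non-X11 session gets an unhelpful traceback; reading it with `os.environ.get` and skipping that entry when absent, or raising a clearer error, would be friendlier.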